Virus Piggybacks Microsoft Mail Worm 545
metacell writes "A virus (a version of the Chernobyl virus) infects an email worm executable (the Klez worm), and is spread along with it. "
It's a damn good *delete* thing that Microsoft has been *delete* spending the last few weeks
doing a *delete* security audit *delete* of all of *delete* ah never mind. My wrist hurts
from deleting over a meg of mail worm viruses a day.
Solution (Score:5, Interesting)
No one uses Outlook macros anyway, except worm writers. It's common sense that I don't want any software, not just viruses, automatically sending email without my consent or confirmation (or even knowledge!)
Re:Solution (Score:2, Funny)
Re:Solution (Score:2)
Re:Solution (Score:2)
I have not seen one company who uses this feature intetionally but they all have it activated and I have helped hundreds of them clean up after a virus. It does not matter if I turn it off because I do not maintain their networks and they will just reactivate it the next time they reinstall their system. On top of that they are not willing to pay someone to setup their network securely.
If you are talking to managers they see absolutely no need to spend good money on security/AV. They bought norton so all is well. Norton will save them.
It's a bird
Oh! Why do I need to keep it up to date????
Re:Solution (Score:2)
Re:Warning: Ford Explorer Analogy Ahead.... (Score:3, Insightful)
Also, I don't write Outlook scripts for a living (although I do have several I've writen myself to clean up my mailbox, etc). But, to say it is a feature no one uses (or should use) is wrong. There are businesses that do large portions of there business on Outlook Forms, just as there are lots of folks who have done custom Notes development, and just as there are firms that have done customized oracle forms/applications/workflow development.
Re:Solution (Score:3, Interesting)
Options > Security > click on "Restricted sites zone". After that, click on "internet options" in the control panel, select "security" > Restricted sites, click on "custom level" and disable everything.
Re:Solution (Score:2)
Require PKC! (Score:5, Interesting)
You don't have to remove the functionality; just make it REQUIRE the script to be CRYPTOGRAPHICALLY SIGNED by a known entity, like the sysadmin.
Fucking simple solution, unless you wanna argue that clients should execute code from UNKNOWN and UNTRUSTED sources for some reason?
Re:Solution (Score:2, Informative)
Re:Solution (Score:4, Insightful)
With this done, viruses and worms have little effect.
And the constant reminders to your user-base of proper e-mailing habits does eventually sink in.
Outlook is insecure...yada yada yada...people should take responsibility for their systems and stop blaming Microsoft for everything...after all, they're only responsible for maybe half of the world's problems.
Re:Solution (Score:3, Insightful)
With this done, viruses and worms have little effect.
And the constant reminders to your user-base of proper e-mailing habits does eventually sink in.
And if there's a street near your house with lots of potholes and cracks, you can get larger tires, better shocks for your car, and instruct your passengers to hold on tight when you turn onto that street.
Or you can just take another street
Getting the city to fix the potholes isn't a bad idea either.
Yes CmdrTaco (Score:2)
It is still unpatched, right? Otherwise your submission just looks like stupid MS bashing.
Re:Yes CmdrTaco (Score:2)
Re:Yes CmdrTaco (Score:2)
Furthermore, the other technote/patch you reference is dated may 2001. Either way, the patch has been out for a while. I agree with you, I think they've done about everything they can to get people to patch. Hell, they have enough trouble to get supposed system administrators to patch their damn web servers (code red, Nimida anyone? Both eploited holes that already had patches available).
In XP, they have a setting you can turn on to basically download the patches automatically (I'm speaking second-hand here because I haven't used XP, so I may have this wrong), but my father-in-law said he turned it off because it "screwed up his computer"! Oh well.
Re:Yes CmdrTaco (Score:2)
More importantly, if Microsoft had done their job properly in the first place, Outlook would have never been released with so many gaping security holes.
Seriously, there is no excuse for releasing a product that auto-executes code/macros in email upon retrieval, EVER.
MC Gates? (Score:3, Funny)
Antiviral? (Score:4, Interesting)
Re:Antiviral? (Score:2)
Re:Antiviral? (Score:2)
Re:Antiviral? (Score:3, Insightful)
The first worms out there (as I recall) were autonomously helping computers - fixing problems, tuning them and so on. All beautiful, the computers fixed themselves.
Until someone came in one morning and found the machines jammed on 100% CPU and playing up. The worm had a bug in it. At which point, research stopped quickly because it was shown just how destructive this sort of thing could be.
Please, nobody try and piggyback helpful code onto an e-mail virus. How sure are you that there isn't a single bug on any possible client platform?
Did someone think of it, or did it just happen. (Score:4, Interesting)
Viruses usually employ a mechanism to detect if a file is already infected, so they don't keep adding to the size of the file. One used a marker at the beginning of the file to decide if it was infected, one at the end. So the first virus infected the file, the second came along (modifying the beginning as per normal virus behavior, and adding it's marker to the end), then the first came along again and saw the file was not infected so infected it again. THen things stayed the same.
So it would show up as containing virus A, but you could not disinfect it properly, because it would just re-infect as soon as it was run. B wouldn't show up because B was actually a layer down.
On a side note.. the #1 thing that has reduced the number of viruses coming out of my office has been to ban the use of outlook/outlook express.
New Anti-Terrorism Laws put to good use? (Score:5, Funny)
Re:New Anti-Terrorism Laws put to good use? (Score:2)
I think not.
Re:New Anti-Terrorism Laws put to good use? (Score:2)
Re:New Anti-Terrorism Laws put to good use? (Score:3, Insightful)
(BTW... Is there a version of Godwin's law for gratuitous references to terrorism or the WTC yet?)
Re:New Anti-Terrorism Laws put to good use? (Score:3, Interesting)
Um, troll, no.
When Boeing originally sells a plane, it works perfectly. When MS sells Outlook, it should work perfectly, but doesn't. As time goes on, the plane ages and stops working perfectly. As time goes on, Outlook does not age, and should continue to work perfectly (theoretically), but still continues to not work perfectly. As time goes on, if flaws are found in a Boeing plane that result in a plane crash (not due to aging), Boeing is responsible. As time goes on, if flaws are found in Outlook and causes electronic havoc, MS is responsible. If someone chooses to take a Boeing plane and intentionally crash it into a building, Boeing is not at fault. If someone takes Outlook and intentionally uses it to spread a virus, or commit other malicious behavior, MS is not at fault.
Capiche? Or is that too complicated for you?
Now, if Boeing designed the navigation systems of its planes with a bug that caused them to direct towards and crash into any nearby buildings by default, then Boeing is at fault.
Re: New Anti-Terrorism Laws put to good use? (Score:4, Interesting)
> but wouldn't you love to see SWAT teams breaking down doors to sieze copies of Outlook?
They already do that, except that it's federal marshals [linuxtoday.com] instead of SWAT teams, and it's done for agregated petty theft instead of mass murder.
Oh, well... our society almost has it right.
cant belive ppl still fall for this: (Score:5, Funny)
Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.
Ofcourse, an infected file was attached with the mail..
Re:cant belive ppl still fall for this: (Score:5, Funny)
We're going to be screwed when a native English speaker decides to propagate a virus.
"I send you this file in order to have your advice."
Unless it's a Slashdot poster. (Score:3, Funny)
;)
Re:cant belive ppl still fall for this: (Score:2)
Evolution for Windows (Score:5, Interesting)
Klez seems worse than other mail-based worms (Score:5, Insightful)
It's also been a PITA because of the way it sends itself out as someone in the infected person's address book. This impersonation has caused all the lusers to keep asking "Who is someluser@somedomain.com and why does he say I'm infected?!?!??!??!"
...not to mention some of the cryptic message subjects that come through.
Options? (Score:5, Interesting)
I'm pretty sure that Eudora is still around, but what is out there for windows-based, user friendly software? It'd almost be worth the switch just to avoid all these damn Outlook-friendly virii.
Re:Options? (Score:2, Informative)
with it so far and have gotten 0 virii/worms. It doesn't render HTML, but I
consider that a feature. I use it on an individual basis, so I can't intelligently talk about its use by a larger group. You can even download it for 30 days free
to check it out.
See Agent Product Page [forteinc.com] for more information.
(disclaimer: I don't work for Forte, I'm just a satisfied customer.)
Re:Options? (Score:2)
Re:Options? (Score:4, Informative)
Re:Options? (Score:2)
Re:Options? (Score:5, Informative)
- Eudora (www.eudora.com) [eudora.com]
- Netscape/Mozilla/Opera E-Mail Clients
- Peagsus Mail (www.pmail.com) [pmail.com]
- PM Mail 2000 (www.pmmail2000.com) [pmmail.com]
My university uses Pegasus, my favorite is Balsa (Linux/X Windows), Pine ('nix/Cmd Line)or Eudora (Winblows)Re:Options? (Score:5, Informative)
1) Apply all security patches from Microsoft.
I was just interupted as I was typing this by a coworker asking me about a virus (talk about synchronicity). We don't use Outlook and she wasn't infected but she printed out the email and showed it to me. Sure enough - whatever.scr. I told her to delete it immediately.
Why did she ask me first and not print it? Because we have a policy here - which brings me to point 2:
2) Don't open anything that isn't work related.
3) All computers show all extensions on files.
4) Only open files that you expected with
5) If you get anything else - then ask me or somebody else informed about the latest viruses.
6) When in doubt, call the sender and ask if they intended to send the email.
With all of these in place, when a virus is sent to one of our employees it does not propogate.
I leave you with this thought. A few weeks ago somebody in another department received an email warning about a virus go around. The email said to email this warning to EVERYBODY IN YOUR ADDRESS BOOK. One of my coworkers received the email and asked me about it. Of course it was a hoax and I wrote an email back to the original sender telling her that she basically just sent out a manual email. If everybody sent out that email to everybody in their address book it would be a disaster. The moral of the story - ignorance is the worst virus.
Re:Options? (Score:4, Funny)
The general public not only doesn't understand why they shouldn't open attachments (obviously), they don't understand why anyone would write a virus. When I once told someone to not open attachments that might contain a virus, their reply was "why would they want to infect MY computer". The whooshing sound going over their head was so loud it almost broke the sound barrier.
Honestly, people are stupid and gullible. If you don't believe me, look up gullible on dictionary.com. They updated the definition recently, and it actually says "A very large percentage, nearly 80%, of the human population is extremely gullible." It also cites some documented studies, and indicates that they are actually considering removing gullible from the English dictionary. I would have included a link to the actual page, but my internet access is down at the moment.
Companies cannot afford to give their employees the benefit of the doubt. They have to force things on them. Instead of changing email clients, they should just be outlawing executable attachments. The ones who need educating are the admins, because they see over all the users. You can't believe that it is feasable to educate all the users. Maybe in small companies, but not in large ones.
Re:Options? (Score:3, Funny)
You mean the sound almost reached the speed of sound? Wow, he/she really was stupid.
-Erik
Re:Options? (Score:2)
Re:Options? (Score:2, Informative)
On the bright side, you can switch it off and use Eudora's built in viewer.
http://www.iss.net/security_center/static/8609.
Are you implying.. (Score:2)
We switched the whole company to Eudora for this very reason. It's good, yet somewhat obscure now and virus writers don't target it.
It's also much better at dealing with attachments, and doesn't corrupt mailboxes as often. It's easy to store years worth of mail in eudora.
Eudora.
Netscape communicator's mail client seems popular as well.
Generally... (Score:2)
If some other email client becomes popular, then this same argument would apply to that. Although, often a program is popular for a reason, so personal preferences may make this argument moot.
Re:Options? (Score:2)
Plus, no macros.
Plus, the GroupWise AntiViral Agent (GWAVA) has served us well by blocking infected email at the gateway.
And if you're running a Novell network, the management tools integrate right in. No more juggling accounts! Yay.
GMFTatsujin
Re:Options? (Score:2)
Counting till 126. And that is free and shareware. I bet this doubles when going for payware. Some packages are even so disfunctional it will even block execution of viruses.
And not forgetting number 127: telnet your pop3. [liquidweb.com]. 8 commands to remember, if that is not user friendly. 8-)
CmdrTaco is RIGHT! (Score:4, Insightful)
So, in short, there's two lines of Microsoft bashing there, accompanying a really dull story about a virus that no AV software has any trouble detecting?
Must be the slow season I guess.
patches won't do it (Score:3, Insightful)
Braaaa-ziiiilllllll (Score:2)
Life imitates art.
Re:Braaaa-ziiiilllllll (Score:2, Interesting)
I use outlook... but not for much longer (Score:2, Insightful)
I have done for many years
I like the interface, its easy to use, and I'm used to it
However, in the past few months I have been recieving more and more viruses and it has seriously made me reconsider my position... Last week alone my virus scanner blocked atleast 50 virus infected emails
I never open attachments, I have the preview pane turned off, I have outlook set to use the restricted zone for emails, I have norton scanning every email I get - but just yesturday I got an email informing me that I'd sent an infected mail out...
I will almost certainly be moving away from outlook within the next week just to get away from it all
Re:I use outlook... but not for much longer (Score:3, Funny)
Re:I use outlook... but not for much longer (Score:2)
the worm has the ability to spoof the From: field (often set to an address found on the victim machine).
My wrist hurts, blah, blah, blah... (Score:5, Funny)
Re:My wrist hurts, blah, blah, blah... (Score:5, Funny)
Re:My wrist hurts, blah, blah, blah... (Score:4, Informative)
:0 B
*^Content-Type: (application|audio)
*^.*name=.*\.(vb[esx]|jse?|w
/dev/null
Re:My wrist hurts, blah, blah, blah... (Score:2)
Re:My wrist hurts, blah, blah, blah... (Score:2)
How about a filter for evolution? Even if I can convince mom to use linux, there is no way I can talk her through procmail.
Re:My wrist hurts, blah, blah, blah... (Score:3, Funny)
For as long as (Score:2, Insightful)
put everyone who sends you worms in a filter (Score:2)
allspam folder grows and the sensible people who dont send you worms + virus because they use a decent mailer dont get abused
simple why are you haveing such a hard time ?
ah you must run outlook or be unable of adding filter rules OR even asking you local sysadmin to do it for you all of which mean your a moron
regards
john jones
Suggestion (Score:5, Funny)
Re:Suggestion (Score:2)
Suggestions? (Score:2)
I often end up providing "tech support" to those who know I'm a "computer guy". None of their hosts use server-based AV software, but I'd like to send them some links.
Re:Suggestion (Score:3, Funny)
Can you accept an admin that allows his users to recieve "over a meg" of tainted messages every single day, even though tools exist that would prevent those messages from clogging the system or exposing said user to risk?
Outlook (Score:2, Insightful)
I'm telling you, software makers NEED liability. It's the only way we will ever have responsible programs released. Right now, software makers can get away with selling products that have defects in them on the order of ones that if they were in cars, would send Ford or GM into receivership.
These e-mail worms would never be able to spread in this way if it were not for defects in Microsoft products.
Until software houses are FORCED by liability that can't be EULA'ed away, there will never be wuality control.
Re:Outlook (Score:3, Insightful)
Before you go asking for something like this think about how it will impact the open source and free software community. All software has bugs. Bugs for the most part are not intentional. Would a free software project have the resources to fight off litigation caused by exploit? Punish the script kiddies if you want to punish someone but don't go after the industry because of a few bad apples. This is very similar to copy protecting CD's because a few people might pirate the contents.
Re:Outlook (Score:2)
You know what? If this happens, the software industry has no one but themselves to blame. They've had plenty of time and then some to self-police, and have failed to take bugs and security seriously.
True, not ALL software companies are MS, but it is MS that has the flaws, and is on most of the machines. Sadly.
Re:Outlook (Score:2)
When it comes down to the courts, even health and life is expressed in dollar damage awards.
Software security holes and bugs lead to what is probably many milliions to maybe BILLIONS of dollars in damage and loss each year.
If the software industry took QUALITY as seriously as they do feeding their BSA stormtroopers, I might be more sympathetic to their piracy cries.
Re:Outlook (Score:2)
The problem is, they would just argue "hey, the patch is available, why didn't you apply it?"
To which I reply, "Why did you release it (and take my money) before you patched that?"
Liability for virus transfer (Score:2, Interesting)
If the incentive existed, individual users would tend to take more responsibility for what moves through their computers.
And sure, most people with PCs and email today don't have a clue about virus transmission, but why should that be an excuse to let their irresponsible behavior cause damage to everyone else? Either get a clue, or leave the net to people who have one.
Re:Liability for virus transfer (Score:2)
Great, now I'll have to get liability insurance on my computers too.
Wrist ache (Score:2)
Procmail [procmail.org] is your friend. As soon as I get more than 4 or 5 copies of a spam / worm / virus, it gets a procmail rule to autodelete it. Simple, really...
a bug with a bug (Score:2)
Now what I want to know: is this train wreck a coincidence or has someone been cross-breeding?
/Brian
Re:a bug with a bug (Score:2)
From the article:
Pure fluke by the looks of things - Chernobyl has been around for ages (4 years) and happened to infect Klez as it would any other file. When you think about it, people who're still catching 4 year old virii are more likely to be propagating the newer stuff too.
Not Always MS's fault (Score:2, Informative)
Most (but not all) email virus/worms are Javascript, Visual Basic or
MS put the "double click" functionality in to make people's lives easier, and on the whole, they have. Outlook is very easy to use and this is one of the reasons it's so widespread (another being that it's very powerful, but that's going off topic). Combine this ease of use with how common MS Outlook is, and you'll see why virus writers write viruses for it. If some new Mail client became as popular, don't think for a minute that it wouldn't have similar viruses.
All that it takes to stop viruses like Klez is for the mail administrator to block attachments with
I'm not talking here about some of the rather more ominous security holes in Outlook - those that allow code to run by previewing the message - because anyone who hasn't patched that yet is a moron. And there are a couple of holes which MS should be hauled over hot coals for, but they aren't exactly the only software firm to produce insecure software.
Never mind Klez, hoaxes are the annoying viruses (Score:2, Informative)
Our duty to our users. (Score:3, Interesting)
You know what I find hilarious? (Score:3, Interesting)
Think back on a bunch of the copyright issues. Basically, one of the problems is that you are in trouble if your work can be used in illegal ways with great ease. Thats why napster got busted--the courts found that their system was often used for illegaly violating copyright laws, and that they didn't do enough about it (saying "Don't steal music != enough).
well, I am seeing potential lawsuits against microsoft here. Clearly their software is commonly used for spreading virii, and clearly they, too, aren't doing enough about it.
Suuuuuure. They say that security is a "focus," but nothing has really changed. So they obviously are condoning, even promoting, virus writing! Microsoft must be sued to stop them from spreading email virii. It's for the good of the country that this evil corporation must be kept from promoting the internet terrorism which costs taxpayers millions every year.
Just a thought to keep you smiling.
Why I find Klez so interesting... (Score:5, Interesting)
First of all, I did some calculations, and found that there are over 1600 different subject line possibilities alone with this virus! This takes into consideration the number of variable words within the subject lines, and doesn't even account for the number of different message bodies. All things considered, there are probably over 10,000 possibilities!
The second thing about Klez that I find interesting is the payload... You often get totally random files from people's computers (if they survive virus removal)... For example, one of my coworkers got the 2001 operating budget of her church, and was able to see how much everyone was paid, how much they blew on projects, etc... Opening your inbox is like opening presents on christmas morning... most of the stuff is pretty boring, but every once in awhile you open something interesting!
Sircam / Klez == Security wakeup call for idiots (Score:2)
No I'm not trolling, but sometimes I wonder if the writers of Klez / Sircam et.al, were infact white-hats trying to show the average MS user to take security seriously and patch there machine!
Yeah, every office worker knows something about this "security thing" and how the boss said they shouldn't write there passwords down. But only when they start getting mailed other peoples confidential info will they sit up, take notice and patch, or so you would think! Maybe it backfired a bit.
Incidently, try setting your gnutella client to look for .doc .xls and other MS extentions. The number of idiots who have misconfigured there clients (installed on work machines) to share there entire hard drive is worrying. Wake Up!
What can Microsoft do? (Score:4, Insightful)
Let's take a constructive approach to this topic. With so many SysAdmins out there, what are the TOP TEN things that Microsoft (or any OS maker) can do to prevent virii? I am just a humble Business Analyst, but here are a few ideas that come to mind for me (I hope the coders will forgive my ignorance on some of the finer points):
10. Disable scripting in certain programs (e-mail) by default.
9. Automatically download security pactches to PCs if they are of a sufficient severity level (but put measures in place to make sure the same mechanism is not used to transmit virii/worms)
8. Auto-detect large numbers of e-mails being sent at once and alert users before sending
7. Make the default install for all systems the most secure install
6. Create a system to auto-report virus/worm infections to a central (independent) agency for monitoring (user-selectable kill switch for this functionality should be available tho)
5. Allow purchase of "health insurance" for PCs by Microsoft to reimburse for lost productivity/hardware due to infection - monetary incentive for MS to push quality and security
4. Create a module of the OS to track virus reports/alerts and display them in the taskbar - produces one trusted source for alerts and to decrease the effectiveness of e-mail hoaxes
3. Integrate virus alert into mail program for incoming e-mails - advise users when a known large-scale e-mail virus/worm is out there to decrease openning of infected mail.
2. Give sysadmins the ability to change e-mail setting for all users when a large-scale outbreak is going, to specifically turn off scripting, html reading, java, etc.
1. Provide a method for a daily audit of all processes running on a machine to identify all those not initiated by the user, and flag those taking part in suspicious activity.
Not sure if those are insightful or lame. But feel free to improve upon this list, ad infinitum.
Re:What can Microsoft do? (Score:3, Informative)
Now as far as what Microsoft can do, let's look at your list and what they have done.
10. Done. New versions of Outlook by default disable scripting.
9. Windows XP automatically downloads security patches. This functionality should be extended to universally cover Office and other products as well.
8. Done. New versions of Outlook by default will warn a user if an external app is trying to use it to send email, and further warn if it's being used rapidly.
7. Pretty much done with WinXP. There are a few settings relating to domain authentication that can be strengthened by default. I think they are not because it would cause connectivity issues with older NT domains.
6. That would be virus protection and step on third parties like Norton and McAfee.
5. That's not Microsoft's responsibility.
4. Again virus protection.
3. Again virus protection.
2. Done. This is part of the Active Directory integration.
1. Process auditing has been part of NT since the very beginning. What you want is reporting on that, and I don't think you fully appreciate just how big of a task this would be. This functionality is really only useful in more secure DoD installations because of the scope.
The Klez Worm's Little Friend (Score:3, Interesting)
So Klez works even by simply previewing the message and launches itself. It has its own mail sending engine, and forges the From: field to look like it's real. It also copies past Subject: fields to fool the recipient.
But this time, our little friend Klez has brought his little friend Elkern32 [mcafee.com]. This nasty little guy infects executables on the infected computer, and is also network aware and infects files across the network. So even people who didn't use Outlook were infected. Some people had hundreds of infected programs on their computer.
And a cool thing about Elkern is that it can randomly overwrite a files bytes with all zeroes, while maintaining the file length. It can be nasty.
All this because no one updates their virus definitions.
Muerte
ugh (Score:2)
Otherwise, more viruses will just keep coming and coming.
Wrist hurts? (Score:2)
Your wrist hurts? As in... you're using a mouse to delete mail? You use a GRAPHICAL email program???!!!
Oh. Oh Commander Taco. We thought you were so elite... (weep)
In a related note, a _meg_ a day? Who are all these losers that have CmdrTaco's email address stored in their outlook address book? When I sent email to slashdot, I telnet to the SMTP server directly and type it out, just so I can mock all the lusers who have to use pine.
Likely Excuse (Score:2)
Yes, Taco, it is from handling your mouse that has caused your wrist trouble..
Yeah, sure.
Patch for Outlook (Score:2)
Msft Security Audit (Score:2)
It's always worked before....
Klez got infected by accident? (Score:3, Interesting)
"As far as (Chernobyl) is concerned, the Klez worm is just another file to infect," Weafer said. "It's quite common to see piggybacking effects when you have worms that have been propagating for a long time in the world."
So it is likely not that someone was trying to make Klez worse, it just happened on its own.
I don't think so... (Score:2)
That wasn't from deleting e-mails, it was from your viewing too much pr0n.
viruses (Score:4, Insightful)
Maybe you should tell the people on your contact list to stop opening attachments (or at least get the latest patches). Microsoft is all but Moron proof.
linux machines get hacked into every day. Is it a linux flaw? no...it's a user flaw. So why should Microsoft be nay different? Maybe because they're against open source?
Re:there should come a law for it... (Score:5, Funny)
Re:Secure computing (Score:2)
Blaming Microsoft is fashionable here, and, IMHO, encourages people who write viruses that attack MS products (one of many factors, but I suspect it is a major one). However, just because someone leaves there car unlocked does not mean they are at fault should they get robbed.
I'm not saying that better security should not be implemented. However, by simply saying it's MS's fault is simply condoning the virus-writers. Let's make them the pariahs.
Re:Seriously... (Score:2)
C'mon; you come to /. - surely you're savvy enough to manage that. And surely you didn't expect sympathy from the crowd here :P
Strong Bad Sucks! (Score:2)
Re:And M$ wants to "help" homeland SECURiTY? (Score:2)